Microsoft has released 6 updates in this month's patch Tuesday, including a patch for a critical hole which the software maker warns could be hit within the next 30 days. Microsoft is warning that there’s a remote, pre-authentication, network-accessible code execution vulnerability in its implementation of the RDP protocol.

A remote code execution vulnerability exists in the way that the Remote Desktop Protocol accesses an object in memory that has been improperly initialized or has been deleted. An attacker who successfully exploited this vulnerability could run abitrary code on the target system. An attacker could then install programs; view,change, or delete data; or create new accounts with full user rights, Read More.

The vulnerability, which affects all versions of Windows, was privately reported to Microsoft’s via the ZDI vulnerability broker service and the company said it was not yet aware of any attacks in the wild. The threat was given the highest rating on Microsoft's exploitability index, meaning that the exploit is an "attractive target for attackers" because they "could consistently exploit that vulnerability," according to Microsoft.

Among the other patches that Microsoft has issued, 4 are also marked as important. A DLL preloading issue in Expression Design has been fixed and Visual Studio's add on also gets an issue resolved. In addition fixes for kernel and DNS system level issues have also been addressed.